I enabled "Weak Ciphers" and "CBC Ciphers for old TLS" in Settings:General:Other, and that seems to have worked, implying that the sender has an outdated installation, I presume?

I have a few questions:

1.) What are the currently recommended settings for TLS Sessions?
2.) What are my options for this sender? I believe that I can force SMTP to not advertise TLS for certain hosts?
3.) Where can I determine what ciphers are being used to provide evidence to the sender that they need to fix their end?